Syslog to log NAT/CGN-Nat translations
I hope somebody knows the answer to the question I am asking.
Can I, and how do I, log (syslog and/or syslog to a remote syslog server) all NAT translations?
Like many ISPs and WISPs, we get copyright notices which state somebody at an IP address downloaded something with some additional basic data.
I have a need to log time-stamped NAT translations, so that I can locate what inside natted customer did what and where to with what protocol and what outside IP address was used.
This info is needed only to locate the customer and notify the customer to stop downloading copyrighted material/files/movies I receive notices for.
North Idaho Tom Jones
I think I basically have the same logging/tracing requirements as yours with copyright notices and so on.
In my case, I need to translate 100-200 WPA2 Enterprise WiFi users (with BYOD) to which I provide 1 private IPv4 address to 1 public IPv4 address.
I first thought I would simply log NAT translations but was quickly overflowed by the amount of data. I do not imply this can't be done, but for some reason, I didn't put a lot of effort to follow this route.
Then I thought I should set a deterministic NAT: each user is given a slice of ports (65k ports divided by 100 or 200). While thinking about this I saw two issues:
1. Implementing deterministic NAT itself
2. Binding 802.1x data to DHCP
I would be very curious to read about this 802.1x to DHCP point and more generally to read about this NAT translation logging.
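The port-slice idea from the reply above, as an added example that is not part of either post: a fixed mapping from each inside address to a block of public ports, plus the reverse lookup that turns the public IP and source port of a notice back into one inside address without per-session logs. The class name, the inside range 10.0.0.1-10.0.0.200, the public address 203.0.113.10 and the choice to skip ports below 1024 are all assumptions made for the illustration.

```python
import ipaddress

FIRST_PORT = 1024   # assumption: well-known ports are not handed out
LAST_PORT = 65535


class DeterministicNat:
    """Static port-block plan: N inside hosts share one public IPv4 address."""

    def __init__(self, inside_first, subscribers, public_ip):
        self.inside_first = ipaddress.IPv4Address(inside_first)
        self.subscribers = subscribers
        self.public_ip = ipaddress.IPv4Address(public_ip)
        # Equal slices; any remainder at the top of the range stays unassigned.
        self.block = (LAST_PORT - FIRST_PORT + 1) // subscribers
        if self.block < 1:
            raise ValueError("more subscribers than available ports")

    def port_range(self, inside_ip):
        """Return (low, high) public ports reserved for an inside address."""
        idx = int(ipaddress.IPv4Address(inside_ip)) - int(self.inside_first)
        if not 0 <= idx < self.subscribers:
            raise ValueError(f"{inside_ip} is outside the planned inside range")
        low = FIRST_PORT + idx * self.block
        return low, low + self.block - 1

    def lookup(self, public_ip, public_port):
        """Map a notice's public IP and source port to an inside address.

        Returns None when the pair was never assigned by this plan.
        """
        if ipaddress.IPv4Address(public_ip) != self.public_ip:
            return None
        offset = public_port - FIRST_PORT
        if offset < 0 or public_port > LAST_PORT:
            return None
        idx = offset // self.block
        if idx >= self.subscribers:
            return None   # leftover ports above the last slice
        return str(self.inside_first + idx)


if __name__ == "__main__":
    # Constructed plan: 200 users behind one public address.
    plan = DeterministicNat("10.0.0.1", 200, "203.0.113.10")
    print("ports per user:", plan.block)
    print("10.0.0.122 ->", plan.port_range("10.0.0.122"))
    print("203.0.113.10:40000 ->", plan.lookup("203.0.113.10", 40000))
```

The reverse lookup only works when the notice includes the public source port; an IP address and timestamp alone match every subscriber behind that address. The plan identifies an inside address, so tying that address to an 802.1X identity still needs a separate record.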